There are millions of sites now on the Internet. Recently, the creators of some of these sites are perpetrating a certain type of fraud. In this fraud, a site masquerades as another site, typically a site engaged in e-commerce. The masquerader site has the same appearance as the authentic site, but its programming is different. The masquerader may simply pull business away from the authentic site, or it may capture personal information about a user for nefarious purposes. The information may be just the user's Internet address, or it may be obtained from the user via dialogs, and may include the user's credit card number, social security number or any such. The masquerade is facilitated through hijacking of some subset of the Internet's domain name service (DNS) that maps Universal Resource Locators (URLs) to Internet addresses. When DNS is hijacked it returns the address of the masquerader rather than the address of the legitimate site.
Increased assurance that a web site that the user is browsing is legitimate has value to both the user and to the operator of the site. If a user is reasonably confident that a web site is legitimate he or she will be more likely to supply that web site with personal or business information of value and to conduct business with that site.
U.S. Pat. No. 5,717,756 to Coleman addresses the problem of the authentication of one machine to another. That approach uses the generation of a unique machine-specific key. The problem of current concern is not machine-specific: any web server that serves legitimate content is of equal value to the end user, and changes in machine configuration do not affect this value.
In U.S. Pat. No. 5,953,424 Vogelesang et. al. a cryptographic protocol is described capable of “detection of prior occurrences of unauthorized parties successfully masquerading as an authorized party.” This protocol requires modification of both the site and the user's browser to implement the protocol, while the subject invention requires no modification of the site.
Solutions to this fraud are known, but have drawbacks. In one solution, the end user comes into possession of a certificate from the site and validates that certificate, either locally or with a third party. Certificate validation locally adds to the complexity and cost of accessing the Internet. It does not apply if the user cannot or has not obtained the certificate, or if the user's computer has lost the certificate, as it might during a recovery process.
Third-party certificate validation adds a delay to the access to the desired site and may add a cost if the third party charges for validation. It is even possible for a site to spoof validation by registering with the third party, but subsequently to change its appearance and function and hijack DNS so as to masquerade as another legitimate site.
It is desirable for any solution to this problem to be implemented in a transparent way that is, without additional behavior that would be apparent to the end user. This is due, in part, to the fact that masquerading is infrequent, although highly disruptive when it exists.
A solution must not complicate the implementation of a legitimate site nor increase its resource requirements significantly.
It would be advantageous to users and site operators to be able to automatically differentiate between legitimate and masquerader sites, alerting the end user appropriately. This, in turn, increases the user's confidence that his or her transaction will be with a legitimate site and in so doing, increases the business potential of the Internet.